pelle-oauth 0.3.1 → 0.3.5
Sign up to get free protection for your applications and to get access to all the features.
- data/History.txt +66 -17
- data/Manifest.txt +14 -1
- data/README.rdoc +7 -9
- data/Rakefile +7 -5
- data/TODO +17 -0
- data/bin/oauth +2 -2
- data/examples/yql.rb +44 -0
- data/lib/oauth.rb +1 -0
- data/lib/oauth/cli.rb +279 -31
- data/lib/oauth/client/action_controller_request.rb +14 -12
- data/lib/oauth/client/helper.rb +22 -14
- data/lib/oauth/client/net_http.rb +53 -22
- data/lib/oauth/consumer.rb +217 -111
- data/lib/oauth/errors.rb +3 -0
- data/lib/oauth/errors/error.rb +4 -0
- data/lib/oauth/errors/problem.rb +14 -0
- data/lib/oauth/errors/unauthorized.rb +12 -0
- data/lib/oauth/helper.rb +67 -6
- data/lib/oauth/oauth.rb +11 -0
- data/lib/oauth/oauth_test_helper.rb +12 -13
- data/lib/oauth/request_proxy/action_controller_request.rb +8 -8
- data/lib/oauth/request_proxy/base.rb +102 -44
- data/lib/oauth/request_proxy/jabber_request.rb +1 -2
- data/lib/oauth/request_proxy/mock_request.rb +8 -0
- data/lib/oauth/request_proxy/net_http.rb +2 -2
- data/lib/oauth/request_proxy/rack_request.rb +7 -7
- data/lib/oauth/server.rb +31 -33
- data/lib/oauth/signature.rb +9 -0
- data/lib/oauth/signature/base.rb +23 -21
- data/lib/oauth/signature/hmac/base.rb +1 -1
- data/lib/oauth/signature/hmac/sha1.rb +0 -1
- data/lib/oauth/signature/plaintext.rb +2 -2
- data/lib/oauth/signature/rsa/sha1.rb +5 -4
- data/lib/oauth/token.rb +6 -136
- data/lib/oauth/tokens/access_token.rb +68 -0
- data/lib/oauth/tokens/consumer_token.rb +33 -0
- data/lib/oauth/tokens/request_token.rb +32 -0
- data/lib/oauth/tokens/server_token.rb +9 -0
- data/lib/oauth/tokens/token.rb +17 -0
- data/lib/oauth/version.rb +1 -1
- data/oauth.gemspec +13 -7
- data/test/cases/spec/1_0-final/test_construct_request_url.rb +1 -1
- data/test/test_access_token.rb +28 -0
- data/test/test_action_controller_request_proxy.rb +105 -6
- data/test/test_consumer.rb +41 -5
- data/test/test_helper.rb +0 -5
- data/test/test_net_http_client.rb +38 -20
- data/test/test_net_http_request_proxy.rb +43 -8
- data/test/test_oauth_helper.rb +50 -0
- data/test/test_request_token.rb +53 -0
- data/test/test_server.rb +1 -1
- data/test/test_signature.rb +19 -11
- data/website/index.html +2 -2
- metadata +46 -6
@@ -0,0 +1,68 @@
|
|
1
|
+
module OAuth
|
2
|
+
# The Access Token is used for the actual "real" web service calls that you perform against the server
|
3
|
+
class AccessToken < ConsumerToken
|
4
|
+
# The less intrusive way. Otherwise, if we are to do it correctly inside consumer,
|
5
|
+
# we need to restructure and touch more methods: request(), sign!(), etc.
|
6
|
+
def request(http_method, path, *arguments)
|
7
|
+
request_uri = URI.parse(path)
|
8
|
+
site_uri = consumer.uri
|
9
|
+
is_service_uri_different = (request_uri.absolute? && request_uri != site_uri)
|
10
|
+
consumer.uri(request_uri) if is_service_uri_different
|
11
|
+
@response = super(http_method, path, *arguments)
|
12
|
+
# NOTE: reset for wholesomeness? meaning that we admit only AccessToken service calls may use different URIs?
|
13
|
+
# so reset in case consumer is still used for other token-management tasks subsequently?
|
14
|
+
consumer.uri(site_uri) if is_service_uri_different
|
15
|
+
@response
|
16
|
+
end
|
17
|
+
|
18
|
+
# Make a regular GET request using AccessToken
|
19
|
+
#
|
20
|
+
# @response = @token.get('/people')
|
21
|
+
# @response = @token.get('/people', { 'Accept'=>'application/xml' })
|
22
|
+
#
|
23
|
+
def get(path, headers = {})
|
24
|
+
request(:get, path, headers)
|
25
|
+
end
|
26
|
+
|
27
|
+
# Make a regular HEAD request using AccessToken
|
28
|
+
#
|
29
|
+
# @response = @token.head('/people')
|
30
|
+
#
|
31
|
+
def head(path, headers = {})
|
32
|
+
request(:head, path, headers)
|
33
|
+
end
|
34
|
+
|
35
|
+
# Make a regular POST request using AccessToken
|
36
|
+
#
|
37
|
+
# @response = @token.post('/people')
|
38
|
+
# @response = @token.post('/people', { :name => 'Bob', :email => 'bob@mailinator.com' })
|
39
|
+
# @response = @token.post('/people', { :name => 'Bob', :email => 'bob@mailinator.com' }, { 'Accept' => 'application/xml' })
|
40
|
+
# @response = @token.post('/people', nil, {'Accept' => 'application/xml' })
|
41
|
+
# @response = @token.post('/people', @person.to_xml, { 'Accept'=>'application/xml', 'Content-Type' => 'application/xml' })
|
42
|
+
#
|
43
|
+
def post(path, body = '', headers = {})
|
44
|
+
request(:post, path, body, headers)
|
45
|
+
end
|
46
|
+
|
47
|
+
# Make a regular PUT request using AccessToken
|
48
|
+
#
|
49
|
+
# @response = @token.put('/people/123')
|
50
|
+
# @response = @token.put('/people/123', { :name => 'Bob', :email => 'bob@mailinator.com' })
|
51
|
+
# @response = @token.put('/people/123', { :name => 'Bob', :email => 'bob@mailinator.com' }, { 'Accept' => 'application/xml' })
|
52
|
+
# @response = @token.put('/people/123', nil, { 'Accept' => 'application/xml' })
|
53
|
+
# @response = @token.put('/people/123', @person.to_xml, { 'Accept' => 'application/xml', 'Content-Type' => 'application/xml' })
|
54
|
+
#
|
55
|
+
def put(path, body = '', headers = {})
|
56
|
+
request(:put, path, body, headers)
|
57
|
+
end
|
58
|
+
|
59
|
+
# Make a regular DELETE request using AccessToken
|
60
|
+
#
|
61
|
+
# @response = @token.delete('/people/123')
|
62
|
+
# @response = @token.delete('/people/123', { 'Accept' => 'application/xml' })
|
63
|
+
#
|
64
|
+
def delete(path, headers = {})
|
65
|
+
request(:delete, path, headers)
|
66
|
+
end
|
67
|
+
end
|
68
|
+
end
|
@@ -0,0 +1,33 @@
|
|
1
|
+
module OAuth
|
2
|
+
# Superclass for tokens used by OAuth Clients
|
3
|
+
class ConsumerToken < Token
|
4
|
+
attr_accessor :consumer, :params
|
5
|
+
attr_reader :response
|
6
|
+
|
7
|
+
def self.from_hash(consumer, hash)
|
8
|
+
token = self.new(consumer, hash[:oauth_token], hash[:oauth_token_secret])
|
9
|
+
token.params = hash
|
10
|
+
token
|
11
|
+
end
|
12
|
+
|
13
|
+
def initialize(consumer, token="", secret="")
|
14
|
+
super(token, secret)
|
15
|
+
@consumer = consumer
|
16
|
+
@params = {}
|
17
|
+
end
|
18
|
+
|
19
|
+
# Make a signed request using given http_method to the path
|
20
|
+
#
|
21
|
+
# @token.request(:get, '/people')
|
22
|
+
# @token.request(:post, '/people', @person.to_xml, { 'Content-Type' => 'application/xml' })
|
23
|
+
#
|
24
|
+
def request(http_method, path, *arguments)
|
25
|
+
@response = consumer.request(http_method, path, self, {}, *arguments)
|
26
|
+
end
|
27
|
+
|
28
|
+
# Sign a request generated elsewhere using Net:HTTP::Post.new or friends
|
29
|
+
def sign!(request, options = {})
|
30
|
+
consumer.sign!(request, self, options)
|
31
|
+
end
|
32
|
+
end
|
33
|
+
end
|
@@ -0,0 +1,32 @@
|
|
1
|
+
module OAuth
|
2
|
+
# The RequestToken is used for the initial Request.
|
3
|
+
# This is normally created by the Consumer object.
|
4
|
+
class RequestToken < ConsumerToken
|
5
|
+
|
6
|
+
# Generate an authorization URL for user authorization
|
7
|
+
def authorize_url(params = nil)
|
8
|
+
params = (params || {}).merge(:oauth_token => self.token)
|
9
|
+
build_authorize_url(consumer.authorize_url, params)
|
10
|
+
end
|
11
|
+
|
12
|
+
def callback_confirmed?
|
13
|
+
params[:oauth_callback_confirmed] == "true"
|
14
|
+
end
|
15
|
+
|
16
|
+
# exchange for AccessToken on server
|
17
|
+
def get_access_token(options = {}, *arguments)
|
18
|
+
response = consumer.token_request(consumer.http_method, (consumer.access_token_url? ? consumer.access_token_url : consumer.access_token_path), self, options, *arguments)
|
19
|
+
OAuth::AccessToken.from_hash(consumer, response)
|
20
|
+
end
|
21
|
+
|
22
|
+
protected
|
23
|
+
|
24
|
+
# construct an authorization url
|
25
|
+
def build_authorize_url(base_url, params)
|
26
|
+
uri = URI.parse(base_url.to_s)
|
27
|
+
# TODO doesn't handle array values correctly
|
28
|
+
uri.query = params.map { |k,v| [k, CGI.escape(v)] * "=" } * "&"
|
29
|
+
uri.to_s
|
30
|
+
end
|
31
|
+
end
|
32
|
+
end
|
@@ -0,0 +1,17 @@
|
|
1
|
+
module OAuth
|
2
|
+
# Superclass for the various tokens used by OAuth
|
3
|
+
class Token
|
4
|
+
include OAuth::Helper
|
5
|
+
|
6
|
+
attr_accessor :token, :secret
|
7
|
+
|
8
|
+
def initialize(token, secret)
|
9
|
+
@token = token
|
10
|
+
@secret = secret
|
11
|
+
end
|
12
|
+
|
13
|
+
def to_query
|
14
|
+
"oauth_token=#{escape(token)}&oauth_secret=#{escape(secret)}"
|
15
|
+
end
|
16
|
+
end
|
17
|
+
end
|
data/lib/oauth/version.rb
CHANGED
data/oauth.gemspec
CHANGED
@@ -2,17 +2,17 @@
|
|
2
2
|
|
3
3
|
Gem::Specification.new do |s|
|
4
4
|
s.name = %q{oauth}
|
5
|
-
s.version = "0.3.
|
5
|
+
s.version = "0.3.5"
|
6
6
|
|
7
7
|
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
8
|
-
s.authors = ["Pelle Braendgaard", "Blaine Cook", "Larry Halff", "Jesse Clark", "Jon Crosby", "Seth Fitzsimmons"]
|
9
|
-
s.date = %q{2009-
|
8
|
+
s.authors = ["Pelle Braendgaard", "Blaine Cook", "Larry Halff", "Jesse Clark", "Jon Crosby", "Seth Fitzsimmons", "Matt Sanford"]
|
9
|
+
s.date = %q{2009-06-03}
|
10
10
|
s.default_executable = %q{oauth}
|
11
11
|
s.description = %q{OAuth Core Ruby implementation}
|
12
|
-
s.email = %q{
|
12
|
+
s.email = %q{oauth-ruby@googlegroups.com}
|
13
13
|
s.executables = ["oauth"]
|
14
|
-
s.extra_rdoc_files = ["History.txt", "License.txt", "Manifest.txt", "README.rdoc", "
|
15
|
-
s.files = ["History.txt", "License.txt", "Manifest.txt", "README.rdoc", "Rakefile", "TODO", "bin/oauth", "lib/oauth.rb", "lib/oauth/cli.rb", "lib/oauth/client.rb", "lib/oauth/client/action_controller_request.rb", "lib/oauth/client/helper.rb", "lib/oauth/client/net_http.rb", "lib/oauth/consumer.rb", "lib/oauth/helper.rb", "lib/oauth/oauth_test_helper.rb", "lib/oauth/request_proxy.rb", "lib/oauth/request_proxy/action_controller_request.rb", "lib/oauth/request_proxy/base.rb", "lib/oauth/request_proxy/jabber_request.rb", "lib/oauth/request_proxy/mock_request.rb", "lib/oauth/request_proxy/net_http.rb", "lib/oauth/request_proxy/rack_request.rb", "lib/oauth/server.rb", "lib/oauth/signature.rb", "lib/oauth/signature/base.rb", "lib/oauth/signature/hmac/base.rb", "lib/oauth/signature/hmac/md5.rb", "lib/oauth/signature/hmac/rmd160.rb", "lib/oauth/signature/hmac/sha1.rb", "lib/oauth/signature/hmac/sha2.rb", "lib/oauth/signature/md5.rb", "lib/oauth/signature/plaintext.rb", "lib/oauth/signature/rsa/sha1.rb", "lib/oauth/signature/sha1.rb", "lib/oauth/token.rb", "lib/oauth/version.rb", "oauth.gemspec", "script/destroy", "script/generate", "script/txt2html", "setup.rb", "
|
14
|
+
s.extra_rdoc_files = ["History.txt", "License.txt", "Manifest.txt", "README.rdoc", "website/index.txt"]
|
15
|
+
s.files = ["History.txt", "License.txt", "Manifest.txt", "README.rdoc", "Rakefile", "TODO", "bin/oauth", "examples/yql.rb", "lib/oauth.rb", "lib/oauth/oauth.rb", "lib/oauth/cli.rb", "lib/oauth/client.rb", "lib/oauth/client/action_controller_request.rb", "lib/oauth/client/helper.rb", "lib/oauth/client/net_http.rb", "lib/oauth/consumer.rb", "lib/oauth/errors.rb", "lib/oauth/errors/error.rb", "lib/oauth/errors/problem.rb", "lib/oauth/errors/unauthorized.rb", "lib/oauth/helper.rb", "lib/oauth/oauth_test_helper.rb", "lib/oauth/request_proxy.rb", "lib/oauth/request_proxy/action_controller_request.rb", "lib/oauth/request_proxy/base.rb", "lib/oauth/request_proxy/jabber_request.rb", "lib/oauth/request_proxy/mock_request.rb", "lib/oauth/request_proxy/net_http.rb", "lib/oauth/request_proxy/rack_request.rb", "lib/oauth/server.rb", "lib/oauth/signature.rb", "lib/oauth/signature/base.rb", "lib/oauth/signature/hmac/base.rb", "lib/oauth/signature/hmac/md5.rb", "lib/oauth/signature/hmac/rmd160.rb", "lib/oauth/signature/hmac/sha1.rb", "lib/oauth/signature/hmac/sha2.rb", "lib/oauth/signature/md5.rb", "lib/oauth/signature/plaintext.rb", "lib/oauth/signature/rsa/sha1.rb", "lib/oauth/signature/sha1.rb", "lib/oauth/token.rb", "lib/oauth/tokens/access_token.rb", "lib/oauth/tokens/consumer_token.rb", "lib/oauth/tokens/request_token.rb", "lib/oauth/tokens/server_token.rb", "lib/oauth/tokens/token.rb", "lib/oauth/version.rb", "oauth.gemspec", "script/destroy", "script/generate", "script/txt2html", "setup.rb", "tasks/deployment.rake", "tasks/environment.rake", "tasks/website.rake", "test/cases/oauth_case.rb", "test/cases/spec/1_0-final/test_construct_request_url.rb", "test/cases/spec/1_0-final/test_normalize_request_parameters.rb", "test/cases/spec/1_0-final/test_parameter_encodings.rb", "test/cases/spec/1_0-final/test_signature_base_strings.rb", "test/keys/rsa.cert", "test/keys/rsa.pem", "test/test_access_token.rb", "test/test_action_controller_request_proxy.rb", "test/test_consumer.rb", "test/test_helper.rb", "test/test_hmac_sha1.rb", "test/test_net_http_client.rb", "test/test_net_http_request_proxy.rb", "test/test_oauth_helper.rb", "test/test_rack_request_proxy.rb", "test/test_request_token.rb", "test/test_rsa_sha1.rb", "test/test_server.rb", "test/test_signature.rb", "test/test_signature_base.rb", "test/test_signature_plain_text.rb", "test/test_token.rb", "website/index.html", "website/index.txt", "website/javascripts/rounded_corners_lite.inc.js", "website/stylesheets/screen.css", "website/template.rhtml"]
|
16
16
|
s.has_rdoc = true
|
17
17
|
s.homepage = %q{http://oauth.rubyforge.org}
|
18
18
|
s.rdoc_options = ["--main", "README.rdoc"]
|
@@ -20,7 +20,7 @@ Gem::Specification.new do |s|
|
|
20
20
|
s.rubyforge_project = %q{oauth}
|
21
21
|
s.rubygems_version = %q{1.3.1}
|
22
22
|
s.summary = %q{OAuth Core Ruby implementation}
|
23
|
-
s.test_files = ["test/cases/spec/1_0-final/test_construct_request_url.rb", "test/cases/spec/1_0-final/test_normalize_request_parameters.rb", "test/cases/spec/1_0-final/test_parameter_encodings.rb", "test/cases/spec/1_0-final/test_signature_base_strings.rb", "test/test_action_controller_request_proxy.rb", "test/test_consumer.rb", "test/test_helper.rb", "test/test_hmac_sha1.rb", "test/test_net_http_client.rb", "test/test_net_http_request_proxy.rb", "test/test_rack_request_proxy.rb", "test/test_rsa_sha1.rb", "test/test_server.rb", "test/test_signature.rb", "test/test_signature_base.rb", "test/test_signature_plain_text.rb", "test/test_token.rb"]
|
23
|
+
s.test_files = ["test/cases/spec/1_0-final/test_construct_request_url.rb", "test/cases/spec/1_0-final/test_normalize_request_parameters.rb", "test/cases/spec/1_0-final/test_parameter_encodings.rb", "test/cases/spec/1_0-final/test_signature_base_strings.rb", "test/test_access_token.rb", "test/test_action_controller_request_proxy.rb", "test/test_consumer.rb", "test/test_helper.rb", "test/test_hmac_sha1.rb", "test/test_net_http_client.rb", "test/test_net_http_request_proxy.rb", "test/test_oauth_helper.rb", "test/test_rack_request_proxy.rb", "test/test_request_token.rb", "test/test_rsa_sha1.rb", "test/test_server.rb", "test/test_signature.rb", "test/test_signature_base.rb", "test/test_signature_plain_text.rb", "test/test_token.rb"]
|
24
24
|
|
25
25
|
if s.respond_to? :specification_version then
|
26
26
|
current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
|
@@ -29,15 +29,21 @@ Gem::Specification.new do |s|
|
|
29
29
|
if Gem::Version.new(Gem::RubyGemsVersion) >= Gem::Version.new('1.2.0') then
|
30
30
|
s.add_runtime_dependency(%q<ruby-hmac>, [">= 0.3.1"])
|
31
31
|
s.add_development_dependency(%q<newgem>, [">= 1.2.3"])
|
32
|
+
s.add_development_dependency(%q<actionpack>, [">= 0"])
|
33
|
+
s.add_development_dependency(%q<rack>, [">= 0"])
|
32
34
|
s.add_development_dependency(%q<hoe>, [">= 1.8.0"])
|
33
35
|
else
|
34
36
|
s.add_dependency(%q<ruby-hmac>, [">= 0.3.1"])
|
35
37
|
s.add_dependency(%q<newgem>, [">= 1.2.3"])
|
38
|
+
s.add_dependency(%q<actionpack>, [">= 0"])
|
39
|
+
s.add_dependency(%q<rack>, [">= 0"])
|
36
40
|
s.add_dependency(%q<hoe>, [">= 1.8.0"])
|
37
41
|
end
|
38
42
|
else
|
39
43
|
s.add_dependency(%q<ruby-hmac>, [">= 0.3.1"])
|
40
44
|
s.add_dependency(%q<newgem>, [">= 1.2.3"])
|
45
|
+
s.add_dependency(%q<actionpack>, [">= 0"])
|
46
|
+
s.add_dependency(%q<rack>, [">= 0"])
|
41
47
|
s.add_dependency(%q<hoe>, [">= 1.8.0"])
|
42
48
|
end
|
43
49
|
end
|
@@ -40,7 +40,7 @@ class ConstructRequestUrlTest < OAuthCase
|
|
40
40
|
assert_request_url("https://example.com/resource","HTTPS://Example.com:443/resource?id=123")
|
41
41
|
end
|
42
42
|
|
43
|
-
def
|
43
|
+
def test_of_normalized_https
|
44
44
|
assert_request_url("https://example.com/resource","https://example.com/resource")
|
45
45
|
end
|
46
46
|
|
@@ -0,0 +1,28 @@
|
|
1
|
+
require File.dirname(__FILE__) + '/test_helper.rb'
|
2
|
+
require 'oauth/token'
|
3
|
+
require 'oauth/consumer'
|
4
|
+
|
5
|
+
class TestAccessToken < Test::Unit::TestCase
|
6
|
+
def setup
|
7
|
+
@fake_response = {
|
8
|
+
:user_id => 5734758743895,
|
9
|
+
:oauth_token => "key",
|
10
|
+
:oauth_token_secret => "secret"
|
11
|
+
}
|
12
|
+
# setup a fake req. token. mocking Consumer would be more appropriate...
|
13
|
+
@access_token = OAuth::AccessToken.from_hash(
|
14
|
+
OAuth::Consumer.new("key", "secret", {}),
|
15
|
+
@fake_response
|
16
|
+
)
|
17
|
+
end
|
18
|
+
|
19
|
+
def test_provides_response_parameters
|
20
|
+
assert @access_token
|
21
|
+
assert_respond_to @access_token, :params
|
22
|
+
end
|
23
|
+
|
24
|
+
def test_access_token_makes_non_oauth_response_params_available
|
25
|
+
assert_not_nil @access_token.params[:user_id]
|
26
|
+
assert_equal 5734758743895, @access_token.params[:user_id]
|
27
|
+
end
|
28
|
+
end
|
@@ -5,24 +5,123 @@ require 'action_controller/test_process'
|
|
5
5
|
|
6
6
|
class ActionControllerRequestProxyTest < Test::Unit::TestCase
|
7
7
|
|
8
|
-
def request_proxy(
|
9
|
-
request = ActionController::TestRequest.new
|
8
|
+
def request_proxy(request_method = :get, uri_params = {}, body_params = {})
|
9
|
+
request = ActionController::TestRequest.new
|
10
|
+
|
11
|
+
case request_method
|
12
|
+
when :post
|
13
|
+
request.env['REQUEST_METHOD'] = 'POST'
|
14
|
+
when :put
|
15
|
+
request.env['REQUEST_METHOD'] = 'PUT'
|
16
|
+
end
|
17
|
+
|
18
|
+
request.env['RAW_POST_DATA'] = body_params.to_query
|
10
19
|
request.env['CONTENT_TYPE'] = 'application/x-www-form-urlencoded'
|
20
|
+
|
11
21
|
yield request if block_given?
|
12
|
-
OAuth::RequestProxy.proxy(request)
|
22
|
+
OAuth::RequestProxy.proxy(request, :parameters=>uri_params)
|
23
|
+
end
|
24
|
+
|
25
|
+
def test_that_proxy_simple_get_request_works_with_query_params
|
26
|
+
request_proxy = request_proxy(:get, {'key'=>'value'})
|
27
|
+
|
28
|
+
expected_parameters = [["key", "value"]]
|
29
|
+
assert_equal expected_parameters, request_proxy.parameters_for_signature
|
30
|
+
assert_equal 'GET', request_proxy.method
|
31
|
+
end
|
32
|
+
|
33
|
+
def test_that_proxy_simple_post_request_works_with_query_params
|
34
|
+
request_proxy = request_proxy(:post, {'key'=>'value'})
|
35
|
+
|
36
|
+
expected_parameters = [["key", "value"]]
|
37
|
+
assert_equal expected_parameters, request_proxy.parameters_for_signature
|
38
|
+
assert_equal 'POST', request_proxy.method
|
39
|
+
end
|
40
|
+
|
41
|
+
def test_that_proxy_simple_put_request_works_with_query_params
|
42
|
+
request_proxy = request_proxy(:put, {'key'=>'value'})
|
43
|
+
|
44
|
+
expected_parameters = [["key", "value"]]
|
45
|
+
assert_equal expected_parameters, request_proxy.parameters_for_signature
|
46
|
+
assert_equal 'PUT', request_proxy.method
|
47
|
+
end
|
48
|
+
|
49
|
+
def test_that_proxy_simple_put_request_works_with_post_params
|
50
|
+
request_proxy = request_proxy(:get, {}, {'key'=>'value'})
|
51
|
+
|
52
|
+
expected_parameters = []
|
53
|
+
assert_equal expected_parameters, request_proxy.parameters_for_signature
|
54
|
+
assert_equal 'GET', request_proxy.method
|
13
55
|
end
|
14
|
-
|
56
|
+
|
57
|
+
def test_that_proxy_simple_post_request_works_with_post_params
|
58
|
+
request_proxy = request_proxy(:post, {}, {'key'=>'value'})
|
59
|
+
|
60
|
+
expected_parameters = [["key", "value"]]
|
61
|
+
assert_equal expected_parameters, request_proxy.parameters_for_signature
|
62
|
+
assert_equal 'POST', request_proxy.method
|
63
|
+
end
|
64
|
+
|
65
|
+
def test_that_proxy_simple_put_request_works_with_post_params
|
66
|
+
request_proxy = request_proxy(:put, {}, {'key'=>'value'})
|
67
|
+
|
68
|
+
expected_parameters = []
|
69
|
+
assert_equal expected_parameters, request_proxy.parameters_for_signature
|
70
|
+
assert_equal 'PUT', request_proxy.method
|
71
|
+
end
|
72
|
+
|
73
|
+
def test_that_proxy_simple_put_request_works_with_mixed_params
|
74
|
+
request_proxy = request_proxy(:get, {'key'=>'value'}, {'key2'=>'value2'})
|
75
|
+
|
76
|
+
expected_parameters = [["key", "value"]]
|
77
|
+
assert_equal expected_parameters, request_proxy.parameters_for_signature
|
78
|
+
assert_equal 'GET', request_proxy.method
|
79
|
+
end
|
80
|
+
|
81
|
+
def test_that_proxy_simple_post_request_works_with_mixed_params
|
82
|
+
request_proxy = request_proxy(:post, {'key'=>'value'}, {'key2'=>'value2'})
|
83
|
+
|
84
|
+
expected_parameters = [["key", "value"],["key2", "value2"]]
|
85
|
+
assert_equal expected_parameters, request_proxy.parameters_for_signature
|
86
|
+
assert_equal 'POST', request_proxy.method
|
87
|
+
end
|
88
|
+
|
89
|
+
def test_that_proxy_simple_put_request_works_with_mixed_params
|
90
|
+
request_proxy = request_proxy(:put, {'key'=>'value'}, {'key2'=>'value2'})
|
91
|
+
|
92
|
+
expected_parameters = [["key", "value"]]
|
93
|
+
assert_equal expected_parameters, request_proxy.parameters_for_signature
|
94
|
+
assert_equal 'PUT', request_proxy.method
|
95
|
+
end
|
96
|
+
|
15
97
|
def test_parameter_keys_should_preserve_brackets_from_hash
|
16
98
|
assert_equal(
|
17
99
|
[["message[body]", "This is a test"]],
|
18
|
-
request_proxy({ :message => { :body => 'This is a test' }}).parameters_for_signature
|
100
|
+
request_proxy(:post, { :message => { :body => 'This is a test' }}).parameters_for_signature
|
101
|
+
)
|
102
|
+
end
|
103
|
+
|
104
|
+
def test_parameter_values_with_amps_should_not_break_parameter_parsing
|
105
|
+
assert_equal(
|
106
|
+
[['message[body]', 'http://foo.com/?a=b&c=d']],
|
107
|
+
request_proxy(:post, { :message => { :body => 'http://foo.com/?a=b&c=d'}}).parameters_for_signature
|
19
108
|
)
|
20
109
|
end
|
21
110
|
|
22
111
|
def test_parameter_keys_should_preserve_brackets_from_array
|
23
112
|
assert_equal(
|
24
113
|
[["foo[]", "123"], ["foo[]", "456"]],
|
25
|
-
request_proxy({ :foo => [123, 456] }).parameters_for_signature.sort
|
114
|
+
request_proxy(:post, { :foo => [123, 456] }).parameters_for_signature.sort
|
115
|
+
)
|
116
|
+
end
|
117
|
+
|
118
|
+
def test_query_string_parameter_values_should_be_cgi_unescaped
|
119
|
+
request = request_proxy do |r|
|
120
|
+
r.env['QUERY_STRING'] = 'url=http%3A%2F%2Ffoo.com%2F%3Fa%3Db%26c%3Dd'
|
121
|
+
end
|
122
|
+
assert_equal(
|
123
|
+
[['url', 'http://foo.com/?a=b&c=d']],
|
124
|
+
request.parameters_for_signature.sort
|
26
125
|
)
|
27
126
|
end
|
28
127
|
end
|
data/test/test_consumer.rb
CHANGED
@@ -1,7 +1,7 @@
|
|
1
|
-
require '
|
2
|
-
require 'test/unit'
|
1
|
+
require File.dirname(__FILE__) + '/test_helper'
|
3
2
|
require 'oauth/consumer'
|
4
3
|
require 'oauth/signature/rsa/sha1'
|
4
|
+
require 'stringio'
|
5
5
|
|
6
6
|
|
7
7
|
# This performs testing against Andy Smith's test server http://term.ie/oauth/example/
|
@@ -13,6 +13,7 @@ class ConsumerTest < Test::Unit::TestCase
|
|
13
13
|
'consumer_key_86cad9', '5888bf0345e5d237',
|
14
14
|
{
|
15
15
|
:site=>"http://blabla.bla",
|
16
|
+
:proxy=>"http://user:password@proxy.bla:8080",
|
16
17
|
:request_token_path=>"/oauth/example/request_token.php",
|
17
18
|
:access_token_path=>"/oauth/example/access_token.php",
|
18
19
|
:authorize_path=>"/oauth/example/authorize.php",
|
@@ -31,6 +32,7 @@ class ConsumerTest < Test::Unit::TestCase
|
|
31
32
|
assert_equal "consumer_key_86cad9",@consumer.key
|
32
33
|
assert_equal "5888bf0345e5d237",@consumer.secret
|
33
34
|
assert_equal "http://blabla.bla",@consumer.site
|
35
|
+
assert_equal "http://user:password@proxy.bla:8080",@consumer.proxy
|
34
36
|
assert_equal "/oauth/example/request_token.php",@consumer.request_token_path
|
35
37
|
assert_equal "/oauth/example/access_token.php",@consumer.access_token_path
|
36
38
|
assert_equal "http://blabla.bla/oauth/example/request_token.php",@consumer.request_token_url
|
@@ -50,6 +52,7 @@ class ConsumerTest < Test::Unit::TestCase
|
|
50
52
|
assert_equal "key",@consumer.key
|
51
53
|
assert_equal "secret",@consumer.secret
|
52
54
|
assert_equal "http://twitter.com",@consumer.site
|
55
|
+
assert_nil @consumer.proxy
|
53
56
|
assert_equal "/oauth/request_token",@consumer.request_token_path
|
54
57
|
assert_equal "/oauth/access_token",@consumer.access_token_path
|
55
58
|
assert_equal "http://twitter.com/oauth/request_token",@consumer.request_token_url
|
@@ -144,7 +147,7 @@ class ConsumerTest < Test::Unit::TestCase
|
|
144
147
|
|
145
148
|
assert_equal 'POST', request.method
|
146
149
|
assert_equal '/test', request.path
|
147
|
-
assert_equal "key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=
|
150
|
+
assert_equal "key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=26g7wHTtNO6ZWJaLltcueppHYiI%3d&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0", request.body.split("&").sort.join("&")
|
148
151
|
assert_equal nil, request['authorization']
|
149
152
|
end
|
150
153
|
|
@@ -164,7 +167,7 @@ class ConsumerTest < Test::Unit::TestCase
|
|
164
167
|
assert_equal "OAuth oauth_nonce=\"225579211881198842005988698334675835446\", oauth_signature_method=\"HMAC-SHA1\", oauth_token=\"token_411a7f\", oauth_timestamp=\"1199645624\", oauth_consumer_key=\"consumer_key_86cad9\", oauth_signature=\"26g7wHTtNO6ZWJaLltcueppHYiI%3D\", oauth_version=\"1.0\"".split(', ').sort, request['authorization'].split(', ').sort
|
165
168
|
end
|
166
169
|
|
167
|
-
def
|
170
|
+
def test_that_signing_post_params_works_2
|
168
171
|
request=@consumer.create_signed_request(:post,@request_uri.path,@token,{:scheme => 'body', :nonce => @nonce, :timestamp => @timestamp},@request_parameters,{})
|
169
172
|
|
170
173
|
assert_equal 'POST', request.method
|
@@ -319,10 +322,43 @@ class ConsumerTest < Test::Unit::TestCase
|
|
319
322
|
debug)
|
320
323
|
end
|
321
324
|
|
325
|
+
def test_post_with_body_stream
|
326
|
+
@consumer=OAuth::Consumer.new(
|
327
|
+
"key",
|
328
|
+
"secret",
|
329
|
+
{
|
330
|
+
:site=>"http://term.ie",
|
331
|
+
:request_token_path=>"/oauth/example/request_token.php",
|
332
|
+
:access_token_path=>"/oauth/example/access_token.php",
|
333
|
+
:authorize_path=>"/oauth/example/authorize.php"
|
334
|
+
})
|
335
|
+
|
336
|
+
|
337
|
+
@request_token=@consumer.get_request_token
|
338
|
+
@access_token=@request_token.get_access_token
|
339
|
+
|
340
|
+
request_body_string = "Hello, hello, hello"
|
341
|
+
request_body_stream = StringIO.new( request_body_string )
|
342
|
+
|
343
|
+
@response=@access_token.post("/oauth/example/echo_api.php",request_body_stream)
|
344
|
+
assert_not_nil @response
|
345
|
+
assert_equal "200",@response.code
|
346
|
+
|
347
|
+
request_body_file = File.open(__FILE__)
|
348
|
+
|
349
|
+
@response=@access_token.post("/oauth/example/echo_api.php",request_body_file)
|
350
|
+
assert_not_nil @response
|
351
|
+
assert_equal "200",@response.code
|
352
|
+
|
353
|
+
# unfortunately I don't know of a way to test that the body data was received correctly since the test server at http://term.ie
|
354
|
+
# echos back any non-oauth parameters but not the body. However, this does test that the request is still correctly signed
|
355
|
+
# (including the Content-Length header) and that the server received Content-Length bytes of body since it won't process the
|
356
|
+
# request & respond until the full body length is received.
|
357
|
+
end
|
358
|
+
|
322
359
|
protected
|
323
360
|
|
324
361
|
def request_parameters_to_s
|
325
362
|
@request_parameters.map { |k,v| "#{k}=#{v}" }.join("&")
|
326
363
|
end
|
327
|
-
|
328
364
|
end
|